package cn.com.algery.temp.web;

import java.sql.SQLException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import cn.com.algery.temp.domain.Page;
import cn.com.algery.temp.domain.Roles;
import cn.com.algery.temp.domain.User;
import cn.com.algery.temp.domain.UserRoles;
import cn.com.algery.temp.service.UserService;

/**
 * Controller
 */
@Controller
@RequestMapping(value = "/user")
public class UserController {
    @Resource
    private UserService userService; 

    @RequestMapping("/login")
    public String view() {
        return "login";
    }

    @RequestMapping("/index")
    public String index() {
        return "index";
    }


    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public @ResponseBody Map<String,Object> login(@RequestBody User user, HttpSession session) {
    //public String login(User user, HttpSession session) {
    	Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken = new 
                UsernamePasswordToken(user.getUser_account(),user.getUser_pwd());
        try {
            subject.login(usernamePasswordToken);
            System.out.println("======登陆成功=======");
            Map<String,Object> map = new HashMap<String,Object>();
            map.put("token", subject.getPrincipal().toString());
            return map;
//            if(subject.hasRole("manager")) {
//            	System.out.println("======用户拥有manager权限，登录成功=======");
//            	return "redirect:/index.html";
//            }
        } catch (Exception e) {
        	System.out.println("======登陆异常=======");
            e.printStackTrace();
            return null;
        }
    }
    
    @RequestMapping(value="/getRoles",method = RequestMethod.GET)
    public @ResponseBody Map<String, Object> getRoles(HttpSession session,HttpServletRequest request) {
    	Subject subject = SecurityUtils.getSubject();
    	Map<String,Object> map = new HashMap<String,Object>();
        map.put("name", subject.getPrincipal().toString());
    	Set<String> roles = userService.queryRolesByName(subject.getPrincipal().toString());
        map.put("roles", roles);
    	return map;
    }
    
    @RequestMapping(value="/getAllRoles",method = RequestMethod.GET)
    public @ResponseBody List<Roles> getAllRoles(){
    	List<Roles> roles = userService.queryAllRoles();
    	return roles;
    }
    
    @RequestMapping(value="/getInfo",method = RequestMethod.GET)
    public @ResponseBody Map<String, Object> getInfo(HttpSession session,HttpServletRequest request) {
    	Subject subject = SecurityUtils.getSubject();
    	User user = userService.queryUserByName(subject.getPrincipal().toString());
    	Map<String,Object> map = new HashMap<String,Object>();
        map.put("name", subject.getPrincipal().toString());
        map.put("user", user);
    	return map;
    }
    
    @RequestMapping(value="/updateUserInfo",method = RequestMethod.PUT)
    public @ResponseBody Boolean updateUserInfo(@RequestBody User user,HttpSession session) {
    	userService.updateUser(user);
    	return true;
    }
    
    @RequestMapping(value="/getAllUserRoles",method = RequestMethod.GET)
    public @ResponseBody Map<String, Object> getAllUserRoles(HttpServletRequest request,Page page){
    	Map<String, Object> map = userService.queryAllUserRoles(page);
    	return map;
    }
    
    @RequestMapping(value="/updateUserRole",method = RequestMethod.PUT)
    public @ResponseBody Boolean updateUserRole(@RequestBody UserRoles userRoles,HttpSession session) throws SQLException {
    	userService.saveUserRole(userRoles);
		return true;
    }
//    public String login(@RequestBody User user, HttpSession session) {
//    	Subject subject = SecurityUtils.getSubject();
//        UsernamePasswordToken usernamePasswordToken = new 
//                UsernamePasswordToken(user.getUsername(),user.getPassword());
//        try {
//            subject.login(usernamePasswordToken);
//            System.out.println("======登陆成功=======");
//            if(subject.hasRole("manager")) {
//            	System.out.println("======用户拥有manager权限，登录成功=======");
//            	return "main";
//            }else {
//            	System.out.println("======用户无manager权限，登录失败=======");
//            	return "login";
//            }
//        } catch (Exception e) {
//        	System.out.println("======登陆异常=======");
//            //model.addAttribute("msg", "用户名或者密码错误,登陆失败");
//            e.printStackTrace();
//            return "login";
//        }
//        /*User user = userService.queryUserByName(model.getUsername());
//
//        if (user == null || !user.getPassword().equals(model.getPassword())) {
//            return false;
//        } else {
//        	return true;
//        }*/
//    }
    
    
    @RequestMapping(value = "/logout", method = RequestMethod.POST)
    public String logout() {
    	Subject subject = SecurityUtils.getSubject();
        if(subject.isAuthenticated()) {
        	System.out.println("======注销成功=======");
            subject.logout();
            return "redirect:/login.html";
        }
        return "main";
    }
    
    @RequestMapping(value = "/return")
    public ModelAndView goLogin() {
    	return new ModelAndView("redirect:/login.html");
    }
}
